Portfolio Impact: Cybersecurity Day

Greenspring Associates’ Portfolio Impact program is dedicated to leveraging the firm’s network among corporates for the benefit of the funds and companies with which we’ve partnered. One of the most impactful ways that this effort is manifested is through highly curated, intimate events that bring together diverse perspectives – including top venture-backed companies, CIOs and senior IT executives and venture capitalists. These events provide meaningful opportunities for the stakeholders in the innovation economy to connect and gather insights that are mission critical to their business. Most importantly, the initial connections that occur at these events yield valuable customer, partner and prospective acquirer relationships that endure well after the last attendee has gone home.

Last month, Greenspring’s event strategy was illustrated in full effect at Side Channel: A Cyber Dialogue– which we hosted alongside Greenspring manager TenEleven Ventures, DataTribe and Port Covington. The event was an intimate gathering of innovators and leaders in the cybersecurity industry and featured several presentations from cutting-edge cybersecurity companies addressing varying issues within the market. The day consisted of thoughtful discussions around the future of cybersecurity on a global, national and local level and topics ranged from national security threats, trends in data breaches, the rise of cloud services, the current state of malware and more.

Presenting companies included ReFirm Labs, Attila Security, Strider Technologies, Obsidian Security, OneLogin, Blue Hexagon, Blackhorse Solutions, Verodin and Vulcan Cyber. We were also fortunate to have Michael Aiello, Director of Security Products at Google, and Ron Gula, Co-Founder of Tenable Network Security and President of Gula Technology Adventures, participate in a fireside chat moderated by Mike Janke of DataTribe. Michael and Ron discussed the importance of investors, incubators and universities teaching entrepreneurs about what the market needs and discussed several major themes we should all be paying attention to, including:

We are seeing a world where security threats are extremely multi-dimensional. With that in mind, very few organizations will select just one cloud solution and, as a result, investors and organizations can expect solutions to emerge that help organize work, both on premise and in the cloud, in a secure manner.

Twenty years ago, administrative misconfigurations and password reuse represented two of the largest security threats, if not the largest. Today, these threats remain two of the largest vulnerabilities, despite often presenting themselves differently. We are still in need of evolving solutions for these risks.

As customers continue to think through their broader budgets and their relationships with large tech providers, questions around spend/budgeting on security and protection, in addition to enablement, will continue to arise. Studies show that the costs associated with a breach or hack of any type continue to rise and, as a result, many cybersecurity providers are beginning to address the business need associated with this trend.

One prevalent theme explored throughout the day was the cost associated with cybersecurity issues. While cybercrime is not the most expensive illegal activity, it disproportionally affects people relative to costlier crimes, such as drug trafficking or government corruption. Cyber criminals can easily impact anywhere from hundreds to hundreds of millions of people. A recent study by McAfee and CSIS suggests that two-thirds of people online (more than two billion individual users) have had personal data compromised or stolen. That same study also argues that the continued growth of cybercrime is, in large part, due to the risk-to-payoff ratio associated with many of these crimes. While there have been many notable breaches as a result of cybercrimes in recent years (the 2013 Target data breach that affected over 41 million customers or the 2017 Equifax data breach that affected over 147 million customers being notable examples) it has been incredibly difficult, if not impossible, to prosecute the individuals responsible for these crimes. Many cybercriminals operate beyond the reach of law enforcement agencies, making it challenging for even the most skilled agencies to hold these individuals accountable.

Many of the companies who presented at Side Channel shared the products and platforms they have developed to help mitigate these costs and protect organizations from the many risks associated with an attack of any type. A summary of each presenting company from the event can be found below.

ReFirm Labs (Terry Dunlap, Co-Founder & Chief Strategy Officer)

ReFirm Labs provides the industry’s first IoT and firmware security solutions platform that proactively vets, validates and continuously monitors IoT devices for hidden threats. Its flagship product, Centrifuge Platform®, detects and reports potential zero-day exploits, hidden crypto keys, backdoor passwords and known vulnerabilities in IoT devices without needing access to source code. ReFirm Labs’ technology has been proven to provide the insight and intelligence needed for users to proactively defend connected devices and maintain compliance and the integrity of supply chain security. Founded by a team of former NSA offensive cyber operators, ReFirm Labs is trusted by government agencies and Fortune 500 companies that operate in a wide variety of industries including telecommunications, cloud infrastructure and data centers, automotive, health care, utilities and manufacturing. Notable customers include AT&T, Charter Communications and ARRIS. For more information, visit www.refirmlabs.com.

Attila Security (Gregg Smith, Co-Founder & Chief Executive Officer)

Attila Security is the leading provider of next generation cybersecurity products and solutions that defend across cloud, virtual, IP and IoT connected devices. Attila’s GoSilent is the first truly portable NIAP approved product with top secret level encryption for the supply chain and defense industrial base. Named among the Cybersecurity 500 index of industry leaders and awarded for its revolutionary and innovative technological advancements in portable government grade IP security, secure cloud environments and virtual servers. GoSilent is the first completely portable, government-grade VPN and Firewall that securely connects all IP devices in any environment. For more information, visit www.attilasec.com.

Obsidian enables organizations to protect their users and critical cloud assets with rich new visibility, smarter and less burdensome identity lifecycle management. At the core of Obsidian’s machine learning powered offering is the industry’s first identity graph. The identity graph maps an organization’s users to the assets for which are granted access to and is enriched with information about what users have done with their assets. The company’s leadership team includes innovators from AWS, Carbon Black, Cylance, Dome9, the NSA and VMware where they have delivered enterprise-grade products to thousands of customers. For more information, visit www.obsidiansecurity.com.

OneLogin (Brad Brooks, Chief Executive Officer & President)

OneLogin, the leader in Unified Access Management (UAM), connects people with technology through a simple and secure login process, empowering organizations to access the world. OneLogin’s UAM platform is the key to unlocking the apps, devices and data that drive productivity and facilitate collaboration. OneLogin serves businesses and partners across a multitude of industries and serves over 2,500 customers worldwide. For more information, visit www.onelogin.com.

Blue Hexagon (Brant Kennedy, Chief Revenue Officer)

Blue Hexagon is a deep learning innovator focused on protecting organizations from cyberthreats. The company’s real-time, deep learning platform is proven to detect known and unknown network threats with speed, efficacy and coverage that set a new standard for the cyber defense industry. Blue Hexagon is headquartered in Sunnyvale, CA, and backed by Benchmark and Altimeter Capital. For more information, visit www.bluehexagon.ai.

BlackHorse Solutions is a veteran-founded business providing comprehensive cyber solutions to a wide mission set across the Intelligence, Defense, Federal and Commercial communities. BlackHorse Solutions creates and leverages technology while utilizing its many years of security and intelligence expertise to deliver solutions that specifically meet its customers’ business needs. The company’s solutions are focused on full spectrum cyber, data analytics, training and tradecraft and distribution of publicly available information. For more information, visit www.blackhorsesolutions.com.

Verodin (Chris Key, Co-Founder & Chief Executive Officer)

Verodin is a developer of a business platform designed to provide solutions for validating the effectiveness of cyber security controls. The company's Security Instrumentation Platform (SIP) helps to measure and continuously validate the cumulative effectiveness of layered security infrastructures across technologies and people revealing true security postures, enabling businesses to measure, manage and improve cybersecurity effectiveness. For more information, visit www.verodin.com.

Vulcan (Yaniv Bar-Dayan, Co-Founder & Chief Executive Officer)

Today, enterprises are unable to scale their vulnerability remediation processes effectively. The modern hybrid environment is ever-changing, and when combined with the growing risk of known vulnerabilities, threat vulnerability management (TVM) processes are becoming an immense challenge. Vulcan is modernizing the way enterprises reduce their cyber risk. From detection to resolution, Vulcan automates and orchestrates the vulnerability remediation process dynamically and at scale. The platform enables security teams, for the first time, to drive forward the remediation of vulnerabilities and misconfigurations, rather than adhere to prioritization. For more information, visit www.vulcan.io.

With the world of cybersecurity ever evolving to match the needs of organizations and government agencies, we believe that bringing together diverse groups of stakeholders within cyber will continue to be of paramount importance. The venture-backed companies in attendance enjoyed the opportunity to meet prospective customers in the audience and gain valuable feedback on their offerings. Similarly, corporate executives value interacting with leading-edge companies to gain insights on the latest offerings that can help to better secure their respective enterprises. Looking forward, Greenspring’s Portfolio Impact team will continue to foster this symbiotic relationship through events in a way that results in tangible, mutually beneficial outcomes for our portfolio companies, fund managers and corporate partners.

The content here is for informational purposes only and should NOT be taken as legal, business, tax, or investment advice. It does NOT constitute an offer or solicitation to purchase any investment or a recommendation to buy or sell a security. In fact, the content is not directed to any investor or potential investor and may not be used to evaluate or make any investment.